package com.zretc.security.expression;

import com.zretc.security.entity.LoginUser;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

@Component("zr")
public class MyExpressionRoot {
    
    public boolean hasAnyAuthority(String authority){
        //获得用户信息
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        LoginUser loginUser = (LoginUser) authentication.getPrincipal();
        //验证用户权限列表中是否 含有 需要的权限
        return loginUser.getPermissions().contains(authority);
        //  system:dept:*
        //  system:*:*
        //  *:*:*
    }
        
}
